THE Nigerian Communications Commission (NCC) has advised zoom users to update the application directly from the company’s official website to avoid data breaches.
In a statement by the Director, Public Affairs, Reuben Muoka, the NCC’s Computer Security Incident Response Team (NCC-CSIRT) said the Indian Computer Emergency Response Team (CERT-In) discovered bugs in the Zoom software.
The NCC-CSIRT advisory stated that the glitches found could allow hackers to bypass safety systems.
The statement read, “A remote attacker could exploit the vulnerabilities to circumvent implemented security measures and cause a denial of service on the targeted machine.
“These existing vulnerabilities are due to inaccuracy of control measures in ‘Zoom On-Premises Meeting Connector MMR before version 4.8.20220815.130.’
“Remote attackers could manoeuvre the flaws to join meetings unauthorized, be invisible to other attendees, illegitimately access audio and video feeds from meetings, and interrupt meeting sessions.”
That weak spot, the statement pointed out, could allow unaccredited users to evade the platform’s security measures on specific structures.
Zoom’s video telephony platform became popular with over 300 million daily users for virtual meetings during the COVID-19 pandemic.
The NCC had set up the CSIRT as the telecom sector’s cyber security incidence centre.
Accordingly, NCC-CSIRT focuses on telecom incidents as they may affect consumers and citizens. They also collaboratively work with Federal government established Nigeria Computer Emergency Response Team (ngCERT) to reduce future computer risks by preparing, protecting, and securing Nigerian cyberspace to forestall attacks and problems, or related events.
Vulnerabilities have been reported to Zoom, making CERT-In to recommend updating to the latest version of the software to avoid potential attacks.